Calif. pledges better mobile privacy disclosures

California Attorney General Kamala Harris gestures during a news conference Wednesday, Feb. 22, 2012, in San Francisco. Mobile applications seeking to collect personal information will have to forewarn users as part of an agreement reached in California. The guidelines announced Wednesday by Harris are designed to protect consumers who don't realize that some applications are pulling potentially sensitive data from their smartphones and computer tablets. Harris says mobile apps that will keep users' personal information will have to spell out their intentions in privacy policies that potential users must see before the apps can be installed on a device. Six of the mobile computing market's most powerful companies have agreed to set up ways to post the privacy policies in online app stores. The cooperating companies are Google, Apple, Amazon.com Microsoft, Hewlett-Packard and BlackBerry maker Research in Motion Ltd.
(AP Photo/Ben Margot)

E-mail this article

To:

Invalid E-mail address

Add a personal message:(80 character limit)Your E-mail:

Invalid E-mail address

Sending your article

Your article has been sent.

SAN FRANCISCO—California is clamping down on nosy mobile applications, telling them they must give people advance warning if they want to keep pulling sensitive information from smartphones and computer tablets.

The crackdown comes six months after California Attorney General Kamala Harris began discussing the need for better privacy protections with six powerful companies that have shaped the mobile computing market, spawning nearly 1 million applications over the past four years.

Those talks led to an agreement requiring mobile apps seeking to collect personal information to forewarn users by displaying privacy policies before their services are installed on a device.

The companies working with Harris are: Apple Inc., the maker of the iPhone and iPad; Google Inc., the Internet search leader and maker of Android mobile software; Amazon.com Inc., the maker of the Kindle Fire tablet; Microsoft Corp., which makes a mobile version of its Windows operating system; Research in Motion Ltd., the maker of the BlackBerry; and Hewlett-Packard Co., which is donating its mobile software to the open-source community.

"We are assuming everyone is going to cooperate in good faith and not get cute," said Harris, who plans to review compliance with the guidelines in six months.

Harris, a Democrat, is taking her stand as lawmakers and regulators throughout the country are zeroing in on how technology has made it easier to pry into the lives of people who share personal information on websites and store sensitive data on their mobile devices.

The concerns have intensified in recent weeks as Google prepares to blend together a hodgepodge of privacy policies covering various services. The move will make it easier for Google to tie together personal information as it tries to sell more online advertising.

Harris and 35 other attorneys general sent a letter Wednesday to Google CEO Larry Page seeking a meeting with company officials to discuss the "troubling" privacy policy changes before they are scheduled to take effect March 1.

Most mobile apps haven't even drawn up a privacy policy, Harris said, partly because of confusion about whether a 7-year-old law governing online privacy applies to them.

The law requires online services collecting personal information to "conspicuously post" a privacy policy. That hasn't been happening among some of the even most intrusive apps that drill into address books and other personal files on smartphones and tablets. Having the data can help mobile apps attract more users or make their services more compelling.

"I would suggest most consumers don't want that to happen and in most cases don't know that is happening," Harris said.

That ignorance has been bliss so far for mobile apps. More than 35 billion apps already have been downloaded, a number likely to grow as smartphones and tablets replace desktop and laptop computers as people's primary connection to the Internet.

That will make people even more vulnerable to the kinds of privacy abuses that have been surfacing this month.

Path, which offers a mobile app for its social networking service, recently got caught downloading users' address books without explicit permission. After the practice was exposed on technology blogs, Path apologized and stopped doing it.

Just last week, the Federal Trade Commission released a study that concluded mobile app makers haven't been telling parents about the personal information they are collecting about kids who have installed their programs. That report raised questions whether some mobile app developers have been violating federal laws protecting children's online privacy.

Harris promised to sue mobile app makers who vacuum personal data without the required forewarning. Even if mobile apps obey the law, Harris acknowledged it still may not be enough to protect the majority of people who don't carefully reading voluminous privacy policies before accepting them.

Just having to sit down to write a privacy policy may be enough to force mobile app developers to think more carefully about their actions, said by Jon Fox, a consumer advocate for the California Public Interest Research Group.

"Having privacy policies is step one to protecting consumers' personal information," Fox said in a statement. "Step two is making sure the privacy policies are strong."